package com.imooc.security.user;

import org.checkerframework.checker.units.qual.A;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.method.HandlerTypePredicate;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;

/**
 * @ClassName UserController
 * @Description TODO
 * @Author wushaopei
 * @Date 2020/10/14 21:14
 * @Version 1.0
 */
@RestController
@RequestMapping("/users")
public class UserController {

//    @Autowired
//    private JdbcTemplate jdbcTemplate;
//
    @Autowired
    private UserRepository userRepository;

    @Autowired
    private UserService userService;

    @GetMapping("/login")
    public void login(@Validated UserInfo user, HttpServletRequest request,HttpServletResponse response){
        // 登录
        UserInfo info = (UserInfo)userService.login(user);
//        request.getSession().setAttribute("user",info);
        // 优化，解决Session固定攻击
        HttpSession session = request.getSession(false); // 将当前请求的sessionId失效
        // session不为空，就将session失效掉，重新生成
        if(session != null ){
            session.invalidate();
        }
        // true用于标识生成新的JSESSIONID
        request.getSession(true).setAttribute("user", info);
    }

    @GetMapping("/logout")
    public void logout(HttpServletRequest request,HttpServletResponse response){
        // 退出操作，将当前session失效
        request.getSession().invalidate();
    }

    /**
     * @Description TODO 新增用户
     * @param user
     * @return
     */
    @PostMapping
    public UserInfo create(@RequestBody  @Validated UserInfo user){
        return userService.create(user);
    }

    /**
     * @Description TODO 修改用户信息
     * @param user
     * @return
     */
    @PutMapping("/{id}")
    public UserInfo update(@RequestBody  @Validated UserInfo user){
        return userService.update(user);
    }

    /**
     * @Description TODO 删除一个用户
     * @param id
     */
    @DeleteMapping("/{id}")
    public void delete(@PathVariable Long id){
        userService.delete(id);
    }

    /**
     * @Description TODO 查一个用户
     * @param id
     * @param request
     * @param response
     * @return
     */
    @GetMapping("/{id}")
    public UserInfo get(@PathVariable Long id , HttpServletRequest request, HttpServletResponse response){
        UserInfo user = (UserInfo)request.getSession().getAttribute("user");
        if( user == null || !user.getId().equals(id)){
            throw new RuntimeException("身份认证信息异常，获取用户信息失败");
        }
        return  userService.get(id);
    }

    /**
     * @Description TODO 查询多个用户
     * @param name
     * @return
     */
    @GetMapping
    public List<UserInfo> query(String name){
//        String sql = "SELECT id,name FROM user where name = '"+name+"'";
//        List data = jdbcTemplate.queryForList(sql);
//        return data;
        return userService.query(name);
    }

}
